Firearm authentication and tracking system

ABSTRACT

A system and method for managing one or more firearms having an authentication device is described. The method may receive a profile of one or more firearm users. The profile of the one or more firearm users may be registered to access one or more authentication devices coupled to one or more firearms. A usage of the one or more firearms coupled to the authentication devices may be tracked via the profile of the firearm user. The system can include a central server, a secure management station with a secure application, a docking station, a respective firearm lock or authentication device for each firearm and an enrollment station, each communicating in a secure manner, to globally manage a plurality of firearms.

PRIORITY CLAIM

The present application is a continuation of U.S. patent applicationSer. No. 17/125,464, filed Dec. 17, 2020, now U.S. Pat. No. 11,178,241,which claims priority to U.S. Provisional Application No. 62/949,373,filed on Dec. 17, 2019, the contents of which are incorporated herein byreference.

BACKGROUND

Controlling unauthorized use of a firearm is a focus of variousmanufacturers. Trigger locks and other safety devices, which can bemanual or automatic systems, often consist of a mixture of electronicand mechanical components. In these systems, a trigger lock is mountedto the firearm and removes the primary trigger function, rendering itdisabled. Design considerations dictate whether the trigger isphysically blocked from movement, or merely removed from the actuationcircuit. User authentication provides an extra level of safety to thesystem.

Conventional trigger locking systems and “smart” firearms are typicallypurchased and installed by the manufacturer for the most seamlessintegration. Available aftermarket systems can be cumbersome,unreliable, and difficult to install.

SUMMARY

As noted above, existing systems that provide conventional triggerlocking or user authentication for using a firearm can be cumbersome andunreliable. A need exists for a trigger locking system that can beuniversally installed on a variety of firearms, integrated into thefirearm without detracting from the form or function of the firearm, andthat includes a reliable mechanism to lock the device and enable thetrigger upon authentication.

One general aspect that is disclosed herein to address the above issuesincludes a method for managing one or more firearms having anauthentication device. The authentication device can be integrated intothe firearm to enable the use of the trigger upon authentication of theuser, through biometric or other means. The method also includesreceiving a profile of one or more firearm users. The method alsoincludes registering the profile of the one or more firearm users toaccess one or more authentication devices coupled to one or morefirearms. The method also includes tracking the usage by a user of theone or more firearms coupled to the authentication devices via theprofile of the firearm user. Other embodiments of this aspect includecorresponding computer systems, apparatus, and computer programsrecorded on one or more computer storage devices, each configured toperform the actions of the methods.

Implementations may include one or more of the following features. Themethod may include determining credentials of each profile of the one ormore firearm users and allocating the credentials to predeterminedfirearms. In some instances, the method may group one or more userprofiles into one or more squadrons. The method may also assign each ofthe one or more user profiles a ranking level within the one or moresquadrons. The method may include assigning one or more firearms to theone or more squadrons. The method may include tracking at least one of alocation, discharge, battery, and usage statistics of the one or morefirearms. In some embodiments, the method may determine a geographicallocation of one of the one or more firearms. The method may includedefining a predetermined usage boundary for the one or more firearms anddisabling, automatically, one of the one or more firearms when thefirearm violates the predetermined usage boundaries. In another aspect,an alert can be provided when the firearm leaves a predefined boundaryor violates a defined boundary. The alerts can be provided through thesystem software, an application, a text, an email, a multimodal alert, asound, a haptic response, and so forth. The predetermined usage boundarymay be a geographical boundary, a time-based boundary, or some othertype of boundary. The predetermined usage boundary may relate to userinformation or data and for example can define an unauthorized user ofthe one or more firearms. The predetermined usage boundary may relate tousage of a firearm and can include a predetermined number of dischargesfrom a firearm. The predetermined usage boundary may include apredetermined type of ammunition.

In an embodiment, the method may generate an alert when the firearm isdisabled. The method may include receiving usage data about one of theone or more firearms, analyzing the usage data and generating a reportdetailing the analyzed usage data. The method may include receiving adischarge notification when one of the one or more firearms dischargesand generating a discharge alert when the discharge notification isreceived. The method may include receiving a docking notification whenone of the one or more firearms is docked at a docking station andgenerating a docking alert when the docking notification is received.

In an embodiment, the method may include receiving a firearm profile ofthe one or more firearms and registering an authentication device to afirearm profile. The firearm profile may include at least one of afirearm serial number, firearm type, ammunition type, and dischargespeed. The method may include limiting operation of the firearm to oneor more firearm users. Implementations of the described techniques mayinclude hardware, a method or process, or computer software on acomputer-accessible medium.

One general aspect includes a method for enrolling a user of a firearmsafety system at an enrollment station. The method also includesreceiving instructions to enroll a new user of the firearm safety systemand receiving one or more biometric data points from the new user. Themethod also includes finalizing a user profile with the one or morebiometric data points, where the one or more biometric data pointsenable the new user to access at least one authentication device coupledto a firearm. Radio Frequency Identification (RFID) devices, biorhythmdata, biometric data, or smart cards, embedded smart tags, smart rings,bio-rhythm sensing components, and so forth, can be used as part ofthese processes. Other embodiments of this aspect include correspondingcomputer systems, apparatus, and computer programs recorded on one ormore computer storage devices, each configured to perform the actions ofthe methods.

Implementations may include one or more of the following features. Themethod may include communicating a finalized profile to a remote firearmmanagement server. The method may include receiving one or more usercredentials. The one or more user credentials may include one of a statelicense, federal license, firearm certification, firearm training,military training, and law enforcement training. The method may verifythe one or more user credentials. The one or more biometric data pointsmay include at least one of a fingerprint, voice identification, retinaidentification, facial recognition, finger geometry, and veinrecognition. Biorhythm data, RFID, proximity, or smart card data with atwo-factor authentication and handshakes between a card, bracelet, ringor other item on the body and a locking mechanism can be used. Themethod may include verifying the one or more biometric data points, suchas a fingerprint or facial recognition data. Implementations of thedescribed techniques may include hardware, a method or process, orcomputer software on a computer-accessible medium.

One general aspect includes a method of communicating with a firearmauthentication device. The communication in this case can be performedby a docking station. The method of communicating also includesestablishing communication with an authentication device coupled to afirearm, downloading firearm statistics from the authentication deviceand uploading a firearm profile to the authentication device coupled tothe firearm. Using a docking station to perform this communication withthe firearm can enable proper communication without connecting thefirearm to the Internet generally. In one aspect, the authenticationdevice will or may have the ability to send data via satellite/cellularbut will be presented from receiving data other than data of a certaintype, such as than GPS coordinates. The docking station can communicatein one aspect with the firearm authentication device and in anotheraspect can communicate with a management system in the cloud, thusisolating the authentication device of the firearm from the Internet.Other embodiments of this aspect include corresponding computer systems,apparatus, and computer programs recorded on one or more computerstorage devices, each configured to perform the actions of the methods.

Implementations may include one or more of the following features. Themethod may include communicating a battery status of the authenticationdevice to a central server or management system in the cloud. The methodmay include communicating a docking status to the central server. Themethod may include communicating a health status of the firearm to thecentral server. The firearm profile may include at least one of anauthenticated user, geographical usage boundaries, other usageboundaries, discharge threshold, allowed ammunition, and reloadthreshold. The firearm statistics may include at least one of useraccess, firearm health, and authentication device battery, accessattempts to the authentication device, biometric data of users, GPSlocations, discharge status, and discharge quantity. Implementations ofthe described techniques may include hardware, a method or process, orcomputer software on a computer-accessible medium.

One general aspect of this disclosure includes a firearm authenticationsystem. The firearm authentication system also includes anauthentication device implemented on a firearm and configured to limitoperation of a firearm to an approved user. The system also includes adocking station operably couplable to the authentication device andconfigured to download firearm statistics from the authentication deviceand upload a firearm profile to the authentication device safety coupledto the firearm. Other embodiments of this aspect include correspondingcomputer systems, apparatus, and computer programs recorded on one ormore computer storage devices, each configured to perform the actions ofthe methods.

Implementations may include one or more of the following features. Forinstance, the docking station may be further configured to charge theauthentication device. The docking station may communicate a batterystatus of the authentication device to a central server. The dockingstation may indicate an operable status of the authentication device.The docking station may communicate a health status of the firearm to acentral server. The docking station may communicate any other status ofthe firearm to the central server. The docking station may communicate adocking status to the central server. The docking station can establisha secure communication with a firearm lock, authentication device orauthentication device safety associated with the firearm and canestablish a secure tunnel for encrypted communications to anetwork-based server (i.e., the central server, a remote server, acloud-based server, etc.) where the database is managed. In one aspect,the docking station does not store any authentication data butrepackages such data and transmits it to the network-based server. Thisstructure allows for the secure control and transmission of data to andfrom each weapon without exposing the weapon to hacking. Implementationsof the described techniques may include hardware, a method or process,or computer software on a computer-accessible medium.

One general aspect includes a firearm authentication and managementsystem. The firearm authentication and management system can include anenrollment station configured to enroll or register users who desire touse firearms. The enrollment station communicates in a secure mannerwith a management station that includes a secure application used tomanage firearm usage and access and to obtain various datapoints. Afirearm manager can log into the management station to manage thefirearm usage and associated data. A secure tunnel with encryptedtraffic can be established between the management station and anetwork-based server where further management of the data can occur.

The firearm authentication system can also include an authenticationdevice configured to limit operation of a firearm to one or more oneusers. The authentication device also can include a docking moduleconfigured to communicate a status of the authentication device to adocking station. The authentication device can store authentication dataright on the firearm and enable user authentication while the firearm isin a locked status, and upon authentication, the firearm can transitionto an unlocked status in which the trigger is accessible and/or can bepulled to fire the firearm. Other embodiments of this aspect includecorresponding computer systems, apparatus, and computer programsrecorded on one or more computer storage devices, each configured toperform the actions of the methods.

DESCRIPTION OF THE DRAWINGS

A further understanding of the nature and advantages of the variousembodiments described herein may be realized by reference to thefollowing drawings accompanied by the detailed description. In theappended figures, similar components or features may have the samereference label. Further, various components of the same type may bedistinguished by following the reference label by a dash and a secondlabel that distinguishes among the similar components. If only the firstreference label is used in the specification, the description isapplicable to any one of the similar components having the same firstreference label irrespective of the second reference label.

FIG. 1 is a block diagram of an environment in which the present systemsand methods may be implemented, in accordance with various aspects ofthis disclosure;

FIG. 2A is a block diagram of an example enrollment station of theenvironments shown in FIG. 1 , in accordance with various aspects ofthis disclosure;

FIG. 2B is a block diagram of the example enrollment station of theenvironments shown in FIG. 2A, in accordance with various aspects ofthis disclosure;

FIG. 2C is an example isometric view of an enrollment station, inaccordance with various aspects of this disclosure;

FIG. 3A is a block diagram of an example management station of theenvironments shown in FIG. 1 , in accordance with various aspects ofthis disclosure;

FIG. 3B is a block diagram of the example management station of theenvironments shown in FIG. 3A, in accordance with various aspects ofthis disclosure;

FIG. 4A is a block diagram of an example docking station of theenvironments shown in FIG. 1 , in accordance with various aspects ofthis disclosure;

FIG. 4B is a block diagram of the example docking station of theenvironments shown in FIG. 4A, in accordance with various aspects ofthis disclosure;

FIG. 5A is a block diagram of an example authentication device of theenvironments shown in FIG. 1 , in accordance with various aspects ofthis disclosure;

FIG. 5B block diagram of the example authentication device station ofthe environments shown in FIG. 5A, in accordance with various aspects ofthis disclosure;

FIG. 5C illustrates an isometric view of an example authenticationdevice in connection with a firearm, in accordance with various aspectsof this disclosure;

FIG. 5D illustrates an isometric view of the example authenticationdevice in connection with the firearm, in accordance with variousaspects of this disclosure;

FIG. 5E illustrates a cross-sectional view of the example authenticationdevice in connection with a portion of the firearm in a locked position,in accordance with various aspects of this disclosure;

FIG. 5F illustrates a cross-sectional view of the example authenticationdevice in connection with a portion of the firearm in an unlockedposition, in accordance with various aspects of this disclosure;

FIG. 5G illustrates a cross-sectional view of the example authenticationdevice in connection with a portion of the firearm in the lockedposition, in accordance with various aspects of this disclosure;

FIG. 5H illustrates an isometric view of the example authenticationdevice in connection with the firearm and a docking station holding theauthentication device, in accordance with various aspects of thisdisclosure;

FIG. 5I illustrates an isometric view of the example authenticationdevice in connection with the firearm and the docking station, inaccordance with various aspects of this disclosure;

FIG. 5J illustrates an isometric view of the example authenticationdevice and the docking station holding the authentication device, inaccordance with various aspects of this disclosure;

FIG. 5K illustrates an isometric view of the example authenticationdevice as it docks with the docking station, in accordance with variousaspects of this disclosure;

FIG. 6 is a swim diagram relating to a firearm authentication system, inaccordance with various aspects of this disclosure, in accordance withvarious aspects of this disclosure;

FIG. 7 is a flow chart illustrating an example of a method relating to afire authentication system, in accordance with various aspects of thisdisclosure;

FIG. 8 is a flow chart illustrating an example of a method relating to afire authentication system, in accordance with various aspects of thisdisclosure; and

FIG. 9 is a flow chart illustrating an example of a method relating to afire authentication system, in accordance with various aspects of thisdisclosure.

While the embodiments described herein are susceptible to variousmodifications and alternative forms, specific embodiments have beenshown by way of example in the drawings and will be described in detailherein. However, the exemplary embodiments described herein are notintended to be limited to the particular forms disclosed. Rather, theinstant disclosure covers all modifications, equivalents, andalternatives falling within the scope of the appended claims.

DETAILED DESCRIPTION

The detailed description set forth below in connection with the appendeddrawings, where like numerals reference like elements, is intended as adescription of various embodiments of the disclosed subject matter andis not intended to represent the only embodiments. Each embodimentdescribed in this disclosure is provided merely as an example orillustration and should not be construed as preferred or advantageousover other embodiments. The illustrative examples provided herein arenot intended to be exhaustive or to limit the disclosure to the preciseforms disclosed. Similarly, any steps described herein areinterchangeable with other steps, or combinations of steps, in order toachieve the same or substantially similar result.

In the following description, numerous specific details are set forth inorder to provide a thorough understanding of exemplary embodiments ofthe present disclosure. It will be apparent to one skilled in the art,however, that many embodiments of the present disclosure may bepracticed without some or all of the specific details. In someinstances, well-known process steps have not been described in detail inorder to not unnecessarily obscure various aspects of the presentdisclosure. Further, it will be appreciated that embodiments of thepresent disclosure may employ any combination of features describedherein.

The present application may also reference quantities and numbers.Unless specifically stated, such quantities and numbers are not to beconsidered restrictive, but exemplary of the possible quantities ornumbers associated with the present application. Also in this regard,the present application may use the term “plurality” to reference aquantity or number. In this regard, the term “plurality” is meant to beany number that is more than one, for example, two, three, four, five,etc. The term “about,” “approximately,” etc., means plus or minus 5% ofthe stated value.

FIG. 1 illustrates an example of a firearm authentication and trackingsystem 100 in accordance with various aspects of this disclosure. Thefirearm authentication and tracking system 100 may include an enrollmentstation 200, management station 300, one or more docking station(s) 400,and one or more authentication device(s) 500 which communicate over atleast one network 105. A user device such as a tablet or other computingdevice 107 can be issued to a user for use in communicating with theenrollment station 200. The authentication device(s) 500 are installedon respective firearms and can include mechanical and/or electricallocking or safety mechanisms that can prevent a user from firing thefirearm unless authenticated (shown and described with respect to FIGS.5C-5K). For example, an authentication device 500 can be integrated intothe handle and body of a firearm and include a biometric reader, aprinted circuit board, and a trigger locking mechanism. Other aspectsinclude integrating the authentication device 500 into a stockcomponent, an accessory rail, or other location on the firearm. Thereader can also include an RF reader, and a component can be providedfor a back-up mechanical key. The authentication device 500 can receiveand store user profile data (authorized user data, biometric data,etc.), authenticate a user in a locked status of the trigger, and uponauthentication, release a locking bar to allow the trigger move for useby the authorized user. When the user sets down or releases their gripof the firearm, the firearm can automatically transition back to alocked status in preparation for authentication the next user thatpicked up the firearm.

The network 105 may provide user authentication, encryption, accessauthorization, tracking, Internet Protocol (IP) connectivity, and otheraccess, calculation, modification, and/or functions. The various devicesmay interface with the network 105 through wired and/or wirelesscommunications links 110 to one or more remote servers 115. The remoteserver 115 can provide a network-based server that stores data, updatesprofiles, and communicates with the various components as shown in FIG.1 . In various examples, the management station 300 and the dockingstations 400 may communicate, either directly or indirectly (e.g., witheach other over wired and/or wireless communication links 110).

The management station 300 may communicate, wired and/or wirelessly,with one or more enrollment stations 200. A user can be provided with aspecialized user device or tablet 107 configured just for them that cancommunicate with an enrollment station 200 to initially register theuser with the system. The enrollment station 200 may enable themanagement station 300 to gather and compile various firearm user datainto a user profile. The management station 300 may further communicate,wired and/or wirelessly, with the one or more docking stations 400. Themanagement station 300 can push data to the server 115 and the dockingstations 400 can sync with and download an encrypted database from theserver 115 in response to a request from a qualified firearm. Thedocking stations 400 may be located in the home of a firearm user or ata central location such as a police station or other central locationfor various personnel. In some embodiments, docking stations 400 may bemobile such as located within a police vehicle, military vehicle, or thelike. The docking station 400 may have a particular configuration thatis tailored to its environment such as a home, vehicle, type of vehicle,and so forth.

The docking stations 400 may communicate directly with the one or moreauthentication devices 500. The authentication device 500 can include aprocessor, battery, a communication component, and other computerhardware that integrates with the structure of a respective firearm tobe able to lock or disable the firearm according to its instruction andto communicate with at least one docking station 400 (as well as othercomponents in communication with the network 105, such as the enrollmentstation 200, management station 300, and/or the servers 115). Forexample, the authentication device 500 may couple to the docking station400 to charge a battery proximate the authentication device 500. Theauthentication device 500 may also communicate various data andstatistics concerning the life of the firearm since the last time theauthentication device 500 synced with the docking station 400. Note thatthe docking station will not store any such data but will repackage anyreceived data for transmission to the remote server 115 or to thefirearm authentication device 500 for further actions.

The communication links 110 shown in communications system 100 mayinclude uplink (UL) transmissions from one station to another, or fromone station to a device, and/or downlink (DL) transmissions, from onestation to another, or from one station to a device. The downlinktransmissions may also be called forward link transmissions while theuplink transmissions may also be called reverse link transmissions. Eachcommunication link 110 may include one or more carriers, where eachcarrier may be a signal made up of multiple sub-carriers (e.g., waveformsignals of different frequencies) modulated according to the variousradio technologies. Each modulated signal may be sent on a differentsub-carrier and may carry control information (e.g., reference signals,control channels, etc.), overhead information, user data, etc. Thecommunication links 115 may transmit bidirectional communications and/orunidirectional communications. Communication links 110 may include oneor more connections, including but not limited to, 345 MHz, Wi-Fi,BLUETOOTH®, BLUETOOTH® Low Energy, cellular, Z-WAVE®, 802.11,peer-to-peer, LAN, WLAN, Ethernet, fire wire, fiber optic, and/or otherconnection types related to security and/or automation systems.

Each station 200, 300, 400 and devices 107, 500 may also communicatedirectly with each other via one or more direct communication links 110.Two or more stations or devices may communicate via a directcommunication link 110 when both stations and/or devices are in apredetermined geographic coverage area or when one or neither devices iswithin the geographic coverage area. Examples of direct communicationlinks 110 may include Wi-Fi Direct, BLUETOOTH®, wired, and/or, and otherP2P group connections. The communication protocols may include WLANradio and baseband protocol including physical and MAC layers from IEEE802.11, and its various versions including, but not limited to, 802.11b,802.11g, 802.11a, 802.11n, 802.11ac, 802.1 lad, 802.11ah, etc. In otherimplementations, other peer-to-peer connections and/or ad hoc networksmay be implemented within the system 100.

The authentication devices 500 may be coupled to existing firearmseither owned by an individual, a group of persons, law enforcement,military, company, or the like (collectively called “personnel”throughout the application for ease). The authentication device 500 mayprevent an unauthorized user from discharging the firearm. Theauthentication device 500 may additionally track and control a firearmwhen coupled to the management station 300, or otherwise. For example,as will be described in further detail below, the enrollment station 200may generate a profile for a firearm user. The management station 300may then enable the personnel to manage firearm users and firearmsfitted with an authentication device 500.

All of the elements in the firearm authentication and tracking system100 may work independently of each other, and in further embodiments,may be personalized to the each end customer. For example, a lawenforcement customer may require all of the components outlined, i.e. anenrollment station 200, a management station 300, a plurality of dockingstations 400, and a plurality of authentication devices 500. Likewise,if the end user is a government agency or security personnel, all of thecomponents may be utilized in the end application. In furtherembodiments, the end consumer may only need the docking station 400 andthe authentication device 500. In some situations, the docking station400 may provide alerts to a firearm owner through a personal device suchas a mobile phone, laptop, smart assistant, or the like.

FIG. 2A is an exemplary block diagram of an enrollment station 200. Theenrollment station 200 may be an example of the enrollment station 200discussed with relation to FIG. 1 . In some embodiments, the enrollmentstation 200 may include a profile module 205 and an authenticationdevice module 210.

The profile module 205 may register one or more users of a firearm. Forexample, the profile module 205 may receive a request to generate a newuser profile. The request may come from a user device 107 that is incommunication with the enrollment station 200. The request may be ageneral request or may be a specific request. For example, the profilesmay have predetermined parameters already put in place and the requestmay specify the type of user. The type of user may vary depending on theend usage. For example, a recreational user may significantly limit theusage of a personal firearm when registering other users. Similarly, arecreational user may have very few restrictions on his or her ownprofile or perhaps a profile of a spouse or other experienced user. Inother embodiments, if the personnel are generating profiles for lawenforcement, for example, the profiles may vary depending on the usersrank and experience. A high ranking officer may have a set pre-generatedprofile with parameters.

In another example, a law enforcement application may be used to managea 3-tiered database, where the most common user of the firearm is in aDatabase A, the precinct is in Database B, and the entire organizationis in Database C. The database associated with this structure can bestored on the remote server 115 or elsewhere in the system. This tieredstructure can be used to prioritize the databases and unlock a weapon asfast as possible for the most common users. At the same time, the systemmaintains support of the lower-tier profiles for unlocking, forinstance, firearms used by tens of thousands of officers or militarypersonnel.

In some embodiments, the profile module 205 may gather information touniquely identify a potential firearm user. This may include variousbiometric data as well as personal data. Biometric data may include oneor more fingerprints, voice identification, retina identification, voiceidentification, retina identification, facial recognition, fingergeometry, vein recognition, and the like. This may also include radiofrequency identification (RFID). For example, each user may be providedwith a unique RFID tag or button or device. The enrollment station 200may associated the unique RFID tag with the user's profile. The uniqueuser device 107 may also be the user's mobile device, which cancommunicate via secure communications with the enrollment station 200 toidentify the firearm user.

In some embodiments, the user profile may also include a user's name,address, telephone number, training certifications, badge number,precinct information, and the like. Personal data may also include moreadvanced information such as military or law enforcement training, statecertifications, advanced classes, criminal record, or the like. In someembodiments, profiles may list federal, state, or international licensesor some combination thereof.

In some embodiments, the enrollment station 200 may also include anauthentication device module 210. In other embodiments, theauthentication device module 210 may additionally or alternatively be apart of the management station 300. The authentication device module 210may generate a profile that links an activation or authentication device500 with a specific firearm. For example, the authentication device 500may have a unique identifier such as a serial number. The authenticationdevice module 210 may link a specific authentication device 500 usingthe unique identifier to a specific firearm that the authenticationdevice 500 is installed on. In some embodiments, the authenticationdevice 500 and/or the firearm may generate a profile which may includevarious characteristics of the firearm such as type, serial number,caliber, class characteristics, types of ammunition, rifling pattern,discharge speed, reload speed, firearm modifications, and the like.

FIG. 2B shows a block diagram of an enrollment station 200-a for use ina firearm authentication and management system 100. The enrollmentstation 200-a may be an example of an enrollment station 200 discussedwith reference to FIGS. 1 and/or 2A. The enrollment station 200-a mayinclude a profile module 205-a and an authentication device module210-a. In further embodiments, the enrollment station 200 may alsoinclude a biometric sensor 215 and/or an RFID sensor 220.

The enrollment station 200-a may further include a processor module 225,and memory 230, including software/firmware code (SW) 235. Theenrollment station 200-a may also have an input/output controller (I/O)240 and user interface module 245. In some embodiments, the enrollmentstation 200-a may also have a transceiver module 250 coupled to one ormore antennas 255. All of the components of the enrollment station 200-amay communicate, directly or indirectly, with one another via one ormore buses 260.

In some embodiments, the transceiver module 250 may communicatebi-directionally via the one or more antennas 255, wired links, and/orwireless links with one or more networks or other devices as describedabove, including a mobile device 107 of a user. For example, thetransceiver module 250 may communicate bi-directionally with the userdevice 107, the management station 200, docking station 400,authentication device 500, remote server 1155, and/or remote storage.The transceiver module 250 may include a modem to modulate the packetsand provide the modulated packets to the one or more antennas 255 fortransmission, and to demodulate packets received from the one or moreantenna 255. While a single antenna 255 is shown, the enrollment station200-a may have multiple antennas 255 which may enable concurrentlytransmitting or receiving multiple transmissions. In some embodiments,one element of the enrollment station 200-a (e.g., the one or moreantennas 255, transceiver module 250, etc.) may provide a directconnection to a remote server (e.g., remote server 115) via a directnetwork link to the Internet via a POP (point of presence). In anembodiment, one element of the enrollment station 200-a (e.g., the oneor more antennas 255, the transceiver module 250, etc.) may provide aconnection using wireless techniques, including digital cellulartelephone connection, Cellular Digital Packet Data (CDPD) connection,digital satellite data connection, and/or another connection.

The signals associated with enrollment station 200-a may includewireless communication signals such as radio frequency,electromagnetics, local area network (LAN), wide area network (WAN),virtual private network (VPN), wireless network (using 802.11, forexample), 245 MHz, Z-WAVE®, cellular network (using 2G, LTE and/or 5G,for example), and/or other signals. The one or more antennas 255 and/ortransceiver module 250 may include or be related to, but are not limitedto, WWAN (GSM, CDMA, and WCDMA), WLAN (including BLUETOOTH® and Wi-Fi),WMAN (WiMAX), antennas for mobile communications, antennas for WirelessPersonal Area Network (WPAN) applications (including RFID and UWB). Insome embodiments, each antenna 255 may receive signals or informationspecific and/or exclusive to itself. In other embodiments, each antenna255 may receive signals or information not specific or exclusive toitself. In other embodiments, the signals associated with the enrollmentstation 200-a may include various wired connections.

In some embodiments, the enrollment station 200-a may include one ormore biometric sensors 215 and/or an RFID sensor 220. The one or morebiometric sensors 215 may collect one or more pieces of biometric dataof a firearm user. For example, the one or more biometric sensors mayinclude a fingerprint scanner, a microphone for audio input, an iris orretina scanner, a camera or sensor for facial recognition, and the like.In some embodiments, the one or more biometric sensors 215 may read ormeasure light, temperature, speed, electrical capacity, and other typesof energies to gather biometric data. The RFID sensor 220 may gatherinformation from an RFID tag associated with the user. For example, anauthorized user may wear a ring that has an RFID tag that is read orsensed by the RFID sensor 220. The one or more biometric sensors 215and/or the RFID sensor 220 may connect to some element of the system(e.g., firearm authentication and tracking system 100) via a networkusing one or more wired and/or wireless connections.

The user interface module 245 may enable a person to interact with theenrollment station 200-a. For example, the user interface module 245 mayinclude a visual display such as a display screen, an audio device suchas a speaker, and various input devices such as a keyboard,touch-screen, microphone, or the like. Multimodal inputs and outputs maybe provided as well. In some embodiments, the user interface module 245may communicate with a remote or external device through the I/Ocontroller 240.

The memory 230 may include random access memory (RAM), read only memory(ROM), flash RAM, other types of memory, or some combination thereof.The memory 230 may store computer-readable, computer-executablesoftware/firmware code 235 which may include instructions that, whenexecuted, cause the processor module 225 to perform various functionsdescribed in this disclosure (e.g., registering a new user, gatheringbiometric data, registering an RFID device, etc.). Alternatively, thesoftware/firmware code 235 may not be directly executable by theprocessor module 235 but may cause a computer to perform functionsdescribed herein. Alternatively, the computer-readable,computer-executable software/firmware code 235 may not be directlyexecutable by the processor module 225 but may be configured to cause acomputer (e.g., when compiled and executed) to perform functionsdescribed herein. The processor module 225 may include an intelligenthardware device, e.g., a central processing unit (CPU), amicrocontroller, an application-specific integrated circuit (ASIC), etc.A software module can include computer-readable programming code (in anylanguage) which, when executed by a processor, causes the processor toperform certain operations, thus making a device operating with theprocessor as instructed by the module into a special purpose system ordevice.

In some embodiments, the memory 230 can contain, among other things, theBasic Input-Output system (BIOS) which may control basic hardware and/orsoftware operation such as the interaction with peripheral components ordevices. For example, the profile module 205-a and the authenticationdevice module 210-a to implement the present systems and methods may bestored within the system memory 230. Applications may be resident withinthe enrollment station, e.g., a hard disk drive or other storage medium,alternatively or additionally, applications can be in the form ofelectronic signals modulated in accordance with the application and datacommunication technology when accessed via a network interface.

In some embodiments, all of the elements shown in FIG. 2B need not bepresent to practice the present systems and methods. The devices andsubsystems can be interconnected in different ways from that shown inFIG. 2B. In some embodiments, an aspect of some operation of a system,such as that shown in FIG. 2B, may be readily known in the art and arenot discussed in detail in this application. Code to implement thepresent disclosure can be stored in a non-transitory computer-readablemedium such as one or more of system memory 230 or other memory. Theoperating system provided on input/output controller 240 may be iOS®,ANDROID®, MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, LINUX®, or another knownoperating system.

An exemplary embodiment of an enrollment station 200′ is shown in FIG.2C. In the illustrated embodiment of FIG. 2C, the enrollment station200′ is configured to enable the management station 300 to gather andcompile various firearm user data into a user profile. In that regard,in some embodiments, the enrollment station 200′ includes at least onebiometric sensor 215′ and/or an RFID sensor 220′ enclosed within ahousing 210′.

The at least one biometric sensor 215′ may collect one or more pieces ofbiometric data of a firearm user. For example, the at least onebiometric sensor 215′ may include a fingerprint scanner, a microphonefor audio input, an iris or retina scanner, a camera for facialrecognition, and the like. In the embodiment depicted, the at least onebiometric sensor 215′ is defined at the end of a finger groove 222′ onthe exterior of the housing 210′ to support accurate positioning of theuser's finger on the sensor 215′. In some embodiments, the biometricsensor(s) 215′ may read or measure light, temperature, speed, electricalcapacity, and other types of energies to gather biometric data. The RFIDsensor 220′ may gather information from an RFID tag associated with theuser. For example, a police officer may have a ring that includes anRFID tag that can be read by an RFID sensor 220′ and which can be usedfor authentication or for registration of an authorized user with thesystem disclosed herein.

The biometric sensor(s) 215′ and the RFID sensor 220′ are in wiredcommunication with an enrollment station PCB 224′, which has componentsfor executing the functions of at least the modules described above withreference to FIGS. 2A and 2B. The enrollment station PCB 224′communicatively connects to the management station 300 through securewired means, such as via a secure input/output port 230′, and or securewireless connections.

In one aspect, a secure input/output port 230′ of the enrollment stationcan be used to communicate with a communication port of a tablet or userdevice 107. The enrollment station 200′ can also include the ability tocommunicate with the tablet 107 via a wireless connection such as WiFi,Bluetooth, or other wireless protocol. As noted elsewhere herein, thetablet or user device 107 includes a special configuration to enable anauthorized user to enroll in the system via the enrollment station 200′.

FIG. 3A is an exemplary block diagram of a management station 300. Themanagement station 300 may be an example of the management station 300discussed with relation to FIG. 1 . In some embodiments, the managementstation 300 may include a profile module 305, a firearm module 310, asecurity module 315, and a report module 320.

In some embodiments, the user module 305 may receive one or moreprofiles from the enrollment station 200-a. In other embodiments, theuser module 305 may contain or be linked to the enrollment station200-a. The user module 305 may manager user credentials and assign usersto specific authentication devices, groups, squadrons, and the like. Agroup can refer to any grouping of people such as in a squadron,battalion, neighborhood and so forth. For example, the user module 305may, based at least in part on personnel information, assign varioususer specific roles.

This may include a ranking in a hierarchy if the user is placed into asquadron. For example, if the management station 300 is run by lawenforcement or military, each user may have a rank associated with theirprofile. This ranking may equate to various access levels to firearmsinclude usage parameters and types of firearms. Further, each profilemay have a list of acceptable firearms. For example, in some instances,prior to gaining access to a firearm, the user may require training onthe specific firearm. The user may then receive approval to access thespecific firearms.

In further embodiments, the group associated with the user may determineaccess to various firearms or types of firearms. For example, a user mayhave access, via an authentication device 500, to one or more firearmsutilized by his squadron, battalion, or the like.

In some embodiments, users may be paired or associated with specificfirearms. The user module 305, in conjunction with the firearm module310, may assign a specific firearm or set of firearms to a specificsubset of users. For example, a police officer and their partner may beassigned to at least one specific firearm. The authentication device 500on the at least one specific firearm may be program to have the policeofficer and partner as primary users of the specific firearm. However,the authentication device 500 may have a secondary tier of users which,in one example, may include other officers in the precinct. In someembodiments, the authentication device 500 may have a tertiary tier ofauthorized users, which may include all authorized users in thedivision.

In some embodiments, users may have geographical restrictions to theirusage. This may be a specific area the user is approved to operate afirearm such as on a firing range while being trained. It may also bemission specific or job specific. A security guard may be prevented fromdischarging a weapon outside of the area they were hired to protect,such as a state or a city. In another aspect, the system can also belocked and restricted by time and day, for instance, weapon is notoperable when off shift and sends notification if dedocked during thistime or use is attempted.

As discussed previously, the firearm module 310 may assign variousauthentication devices (e.g., authentication device 500) to specificfirearms. The firearm module 310 may further track firearms, determineusage statistics, generate health reports on the systems, generatefirearm alerts, define geo-fencing or different types of boundaries forspecific firearms, and the like. For example, the firearm module 310 maypair a specific firearm with an authentication device 500. The firearmmay be tracked by serial number. The firearm module 310 may then be ableto track usage and other data about the firearm through theauthentication device 500. The usage may include determining whoaccessed the firearm, if an unauthorized user attempted to discharge thefirearm, a location of the firearm, discharge statistics, ammunitioncharacteristics, reload data, and the like. If authentication fails, thesystem can capture a biometric signature, store it on the firearm orauthentication device 500, and transmit it to the server 115 to comparethe biometric signature against a criminal database to assist in findingand charging the criminal. The firearm lock (or authentication device500) can be configured to do one-way or two-way cellular communicationto send alerts, GPS location, or other sensed data such as temperatureor humidity. In some aspects, if the user is prevented from using thedevice, a communication link could be established with a server 115 orother device such that a conversation could occur and a manual unlockingof the firearm could be provided. For example, if an officer is outsideof his or her geographic jurisdiction but comes across a criminalsituation and needs to use their firearm, then an ad hoc or manualauthorization to use the firearm could quickly occur to override userprofile data that is preventing under normal circumstances the use ofthe firearm. For example, a one-time token could be transmittedwirelessly to the authentication device 500 or to docking station 400that enables use of the weapon.

The security module 315 may ensure all data transmissions andinformation is secured. For example, the security module 315 may requiretwo-step authentication for users to access the management station 300,and in some embodiments, the enrollment station 200. Additionally, oralternatively, the number of users with access to the management station300, and in some embodiments, enrollment station 200, may be limited toa predetermined number. In one aspect, a management station 300 mayrequire two-factor authentication for all managers and possiblebiometric requirements for logging in. The predetermined number may varydepending upon end use of the system, but in some embodiments, thepredetermined number may range from 1 person to no more than 12 persons.The security module 315 may also encrypt any data and data transmissionsaccess, stored, or communicated to and/or from the management station300. This may prevent unauthorized users from attempting to gainunwanted access to the system.

The report module 320 may generate one or more reports or alertsconcerning firearm status. For example, the report module 320 maygenerate an immediate alert when a firearm is discharged. In thisregard, the authentication device 500 can include a communicationcomponent that can connect with a cellular, WiFi or other system andsend a report to the remote server 115 upon the firearm being fired. Thereport module 320 may also generate an alert when a user, via theauthentication device 500, has disengaged a safety on a firearm. In someembodiments, the report module may generate an alert when anunauthorized user attempts to access a firearm. Other alerts may includelow battery life of the authentication device 500, firearm reloading,exceeding one or more thresholds include duration away from a dockingstation or a geo-fence, ammunition type, and the like. For example, thesystem can report a battery status to a device.

The report module 320 may also generate one or more reports. The reporttype and information included therein may vary. For example, a firearmreport may detail information uploaded from an authentication device 500regarding a specific firearm. This may include duration away fromdocking station, a user who removed the firearm from a docking station,any attempts—successfully or unsuccessfully—to gain access to dischargethe firearm, discharge data, ammunition data, route or movementtracking, and the like. A squad report may provide user statistics inrelation to firearms. For example, a squadron report may list users whoaccessed firearms, users who discharge firearms, and other informationas required or desired. The reports may be daily, weekly, monthly, orany other time predetermined interval. A report can cover a singlepolice shift, or a group of weekend shifts, for example. In someembodiments, if an incident has occurred, personnel may generatespecific reports during the times of the incident to generate granularinformation surrounding the incident.

FIG. 3B shows a block diagram of a management station 300-a for use in afirearm authentication and management system. The management station300-a may be an example of a management station 300 discussed withreference to FIGS. 1 and/or 3A. The management station 300-a may includea user module 305-a, a firearm module 310-a, and a security module315-a.

The management station 300-a may further include a processor module 325,and memory 330, including software/firmware code (SW) 335. Themanagement station 300-a may also have an input/output controller (I/O)340 and user interface module 345. In some embodiments, the managementstation 300-a may also have a transceiver module 350 coupled to one ormore antennas 355. All of the components of the management station 300-amay communicate, directly or indirectly, with one another via one ormore buses 360.

In some embodiments, the transceiver module 350 may communicatebi-directionally via the one or more antennas 355, wired links, and/orwireless links with one or more networks or other devices as describedabove. For example, the transceiver module 350 may communicatebi-directionally with the enrollment station 300, docking station 400,authentication device 500, remote server 115, and/or remote storage. Thetransceiver module 350 may include a modem to modulate the packets andprovide the modulated packets to the one or more antennas 355 fortransmission, and to demodulate packets received from the one or moreantenna 355. While a single antenna 355 is shown, the enrollment station300-a may have multiple antennas 355 which may enable concurrentlytransmitting or receiving multiple transmissions. In some embodiments,one element of the management station 300-a (e.g., the one or moreantennas 355, transceiver module 350, etc.) may provide a directconnection to a remote server (e.g., remote server 115) via a directnetwork link to the Internet via a POP (point of presence). In anembodiment, one element of the enrollment station 300-a (e.g., the oneor more antennas 355, the transceiver module 350, etc.) may provide aconnection using wireless techniques, including digital cellulartelephone connection, Cellular Digital Packet Data (CDPD) connection,digital satellite data connection, and/or another connection.

The signals associated with the system may include wirelesscommunication signals such as radio frequency, electromagnetics, localarea network (LAN), wide area network (WAN), virtual private network(VPN), wireless network (using 802.11, for example), 245 MHz, Z-WAVE®,cellular network (using 2G and/or LTE, for example), and/or othersignals. The one or more antennas 355 and/or transceiver module 350 mayinclude or be related to, but are not limited to, WWAN (GSM, CDMA, andWCDMA), WLAN (including BLUETOOTH® and Wi-Fi), WMAN (WiMAX), antennasfor mobile communications, antennas for Wireless Personal Area Network(WPAN) applications (including RFID and UWB). In some embodiments, eachantenna 355 may receive signals or information specific and/or exclusiveto itself. In other embodiments, each antenna 355 may receive signals orinformation not specific or exclusive to itself. In further embodiments,the signals associated with the system may include wired communicationssignals.

The user interface module 345 may enable a person to interact with themanagement station 300-a. For example, the user interface module 345 mayinclude a visual display such as a display screen, an audio device suchas a speaker, and various input devices such as a keyboard,touch-screen, microphone, or the like. In some embodiments, the userinterface module 345 may communicate with a remote or external devicethrough the I/O controller 340.

The memory 330 may include random access memory (RAM), read only memory(ROM), flash RAM, other types of memory, or some combination thereof.The memory 330 may store computer-readable, computer-executablesoftware/firmware code 335 which may include instructions that, whenexecuted, cause the processor module 325 to perform various functionsdescribed in this disclosure (e.g., registering a new user, gatheringbiometric data, registering an RFID device, etc.). Alternatively, thesoftware/firmware code 335 may not be directly executable by theprocessor module 335 but may cause a computer to perform functionsdescribed herein. Alternatively, the computer-readable,computer-executable software/firmware code 335 may not be directlyexecutable by the processor module 325 but may be configured to cause acomputer (e.g., when compiled and executed) to perform functionsdescribed herein. The processor module 325 may include an intelligenthardware device, e.g., a central processing unit (CPU), amicrocontroller, an application-specific integrated circuit (ASIC), etc.

In some embodiments, the memory 330 can contain, among other things, theBasic Input-Output system (BIOS) which may control basic hardware and/orsoftware operation such as the interaction with peripheral components ordevices. For example, the user module 305-a, firearm module 310-a, thesecurity module 315-a, and the report module 320-a to implement thepresent systems and methods may be stored within the system memory 330.Applications may be resident within the enrollment station, e.g., a harddisk drive or other storage medium, alternatively or additionally,applications can be in the form of electronic signals modulated inaccordance with the application and data communication technology whenaccessed via a network interface.

In some embodiments, all of the elements shown in FIG. 3B need not bepresent to practice the present systems and methods. The devices andsubsystems can be interconnected in different ways from that shown inFIG. 3B. In some embodiments, an aspect of some operation of a system,such as that shown in FIG. 3B, may be readily known in the art and arenot discussed in detail in this application. Code to implement thepresent disclosure can be stored in a non-transitory computer-readablemedium such as one or more of system memory 330 or other memory. Theoperating system provided on input/output controller 340 may be iOS®,ANDROID®, MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, LINUX®, or another knownoperating system.

FIG. 4A is an exemplary block diagram of a docking station 400. Thedocking station 400 may be an example of one of the docking stations 400discussed with relation to FIG. 1 . In some embodiments, the dockingstation 400 may include a communication module 405. The docking station400 can be physically configured according to its environment. Forexample, a first type of docking station 400 may be configured in avehicle or a certain type of vehicle, while a second type of dockingstation 400 may be configured in a home or office.

The communication module 405 may upload and/or download data andstatistics from a connected authentication device. The connection mayoccur when the authentication device is charging—either via a wire orwirelessly. The communication device 405 may upload data to theauthentication device such as the different tiers of users with accessto the firearm and various other parameters established by personnel.This may include allowed ammunition, geo-fencing, and the like.

The communication module 405 may also download information from theauthentication device 500 to communicate with the management station(e.g., management station 300).

FIG. 4B shows a block diagram of a docking station 400-a for use in afirearm authentication and management system. The docking station 400-amay be an example of a docking station 400 discussed with reference toFIGS. 1 and/or 4A. The docking station 400-a may include a communicationmodule 405-a.

The docking station 400-a may further include a processor module 425,and memory 430, including software/firmware code (SW) 435. The dockingstation 400-a may also have an input/output controller (I/O) 440 anduser interface module 445. In some embodiments, the docking station400-a may also have a transceiver module 450 coupled to one or moreantennas 455. All of the components of the docking station 400-a maycommunicate, directly or indirectly, with one another via one or morebuses 460.

In some embodiments, the transceiver module 450 may communicatebi-directionally via the one or more antennas 455, wired links, and/orwireless links with one or more networks or other devices as describedabove. For example, the transceiver module 450 may communicatebi-directionally with the enrollment station 200, management station300, authentication device 500, remote server 115, and/or remotestorage. The transceiver module 450 may include a modem to modulate thepackets and provide the modulated packets to the one or more antennas455 for transmission, and to demodulate packets received from the one ormore antenna 455. While a single antenna 455 is shown, the enrollmentstation 400-a may have multiple antennas 455 which may enableconcurrently transmitting or receiving multiple transmissions. In someembodiments, one element of the docking station 400-a (e.g., the one ormore antennas 455, transceiver module 450, etc.) may provide a directconnection to a remote server (e.g., remote server 115) via a directnetwork link to the Internet via a POP (point of presence). In anembodiment, one element of the docking station 400-a (e.g., the one ormore antennas 455, the transceiver module 450, etc.) may provide aconnection using wireless techniques, including digital cellulartelephone connection, Cellular Digital Packet Data (CDPD) connection,digital satellite data connection, and/or another connection.

The signals associated with the system may include wirelesscommunication signals such as radio frequency, electromagnetics, localarea network (LAN), wide area network (WAN), virtual private network(VPN), wireless network (using 802.11, for example), 445 MHz, Z-WAVE®,cellular network (using 4G, 5G and/or LTE, for example), and/or othersignals. The one or more antennas 455 and/or transceiver module 450 mayinclude or be related to, but are not limited to, WWAN (GSM, CDMA, andWCDMA), WLAN (including BLUETOOTH® and Wi-Fi), WMAN (WiMAX), antennasfor mobile communications, antennas for Wireless Personal Area Network(WPAN) applications (including RFID and UWB). In some embodiments, eachantenna 455 may receive signals or information specific and/or exclusiveto itself. In other embodiments, each antenna 455 may receive signals orinformation not specific or exclusive to itself. In further embodiments,the signals associated with the system may include wired communicationssignals.

The user interface module 445 may enable a person to interact with thedocking station 400-a. For example, the user interface module 445 mayinclude a visual display such as a display screen, an audio device suchas a speaker, and various input devices such as a keyboard,touch-screen, microphone, or the like. In some embodiments, the userinterface module 445 may communicate with a remote or external devicethrough the I/O controller 440.

The memory 430 may include random access memory (RAM), read only memory(ROM), flash RAM, other types of memory, or some combination thereof.The memory 430 may store computer-readable, computer-executablesoftware/firmware code 435 which may include instructions that, whenexecuted, cause the processor module 425 to perform various functionsdescribed in this disclosure (e.g., communicating with an authenticationdevice, charging an authentication device, communicating with amanagement station, etc.). Alternatively, the software/firmware code 435may not be directly executable by the processor module 435 but may causea computer to perform functions described herein. Alternatively, thecomputer-readable, computer-executable software/firmware code 435 maynot be directly executable by the processor module 425 but may beconfigured to cause a computer (e.g., when compiled and executed) toperform functions described herein. The processor module 425 may includean intelligent hardware device, e.g., a central processing unit (CPU), amicrocontroller, an application-specific integrated circuit (ASIC), etc.

In some embodiments, the memory 430 can contain, among other things, theBasic Input-Output system (BIOS) which may control basic hardware and/orsoftware operation such as the interaction with peripheral components ordevices. For example, the communication module 405-a to implement thepresent systems and methods may be stored within the system memory 430.Applications may be resident within the docking station, e.g., a harddisk drive or other storage medium, alternatively or additionally,applications can be in the form of electronic signals modulated inaccordance with the application and data communication technology whenaccessed via a network interface.

In some embodiments, all of the elements shown in FIG. 4B need not bepresent to practice the present systems and methods. The devices andsubsystems can be interconnected in different ways from that shown inFIG. 4B. In some embodiments, an aspect of some operation of a system,such as that shown in FIG. 4B, may be readily known in the art and arenot discussed in detail in this application. Code to implement thepresent disclosure can be stored in a non-transitory computer-readablemedium such as one or more of system memory 430 or other memory. Theoperating system provided on input/output controller 440 may be iOS®,ANDROID®, MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, LINUX®, or another knownoperating system.

FIG. 5A is an exemplary block diagram of an authentication device 500.The authentication device 500 may be an example of the authenticationdevice 500 discussed with relation to FIG. 1 . In some embodiments, theauthentication device 500 may include a use module 505, a trackingmodule 510, and a sync module.

The use module 505 may include all of the identifying information of anauthorized user of the authentication device 500 associated with afirearm. In some embodiments, the use module 505 may categorize or storethe information in varying tiers of users. For example, a first tieruser may comprise a user specifically associated with the specificfirearm. This may be a firearm assigned to the user on a more permanentbasis or may be a daily assignment, or may be based on some otherspecific time frame such as a work shift. The first tier may change asthe users assigned to the firearm change. A second tier of users mayinclude a larger group of users authorized to use the firearm in charge.An example includes a group of law enforcement people associated with apolice precinct. A third tier of users may include a larger group ofpeople than the second tier. The third tier of users may additionallyinclude users authorized to use the firearm associated with theauthentication. An example of third tier users may include all lawenforcement personal in a district. Another tier might be based on timeor geography. Information within a tier might not be contiguous, such asdifferent time slots or different cities that are separated.

When a user attempts to access the firearm via the authentication device500, the use module 505 may first compare the attempted users'credentials with the first tier of users. This group is small andprovide enable faster authentication due to the lower number of profilesto parse. If a match is not found in the first tier of users, the usemodule 505 may search a second tier of users. Again, if a match is notfound, the use module 505 may access the third tier of users. If a matchis still not located, the use module 505 may deny the potential useraccess to the firearm. Additionally, the use module 505 may store theuser's information (i.e. biometric data or other qualifying data), andcommunicate this data to the track module 510. Additionally, if thepotential user is granted access, the use module 505 may store thatinformation in the track module 510. The user module 505 might alsocompare the time or location to a tier related to such information.

The track module 510 may track all parameters pertaining to theauthentication device 500 and the firearm as discussed herein. Forexample, the track module 510 may track the number of both authorizedattempts and unauthorized attempts access to the firearm. The trackmodule 510 may also track the type of ammunition in the magazineassociated with the firearm. For example, some firearms may be regulatedto only be discharged with non-lethal rounds. The authentication device500 may determine when ammunition other than non-lethal round are loadedinto the firearm and prevent user access to the firearm under thosecircumstances and track all ammunition data.

The track module 510 may also record the number of discharges, frequencybetween discharges, timing between discharges, time of discharge,location of discharge, and the like. In some embodiments, theauthentication device 500 may be equipped with a speaker and may detectone or more warnings issued to a potential target prior to a lawenforcement office or other personnel discharging the weapon.

The track module 510 may also track the geographical location of thefirearm. The authentication device 500 on a firearm may include a GPStracking component, cellular component, RFID tag, or other mechanism fortransmitting or enabling a location of the device to be tracked. Thesystem also send the GPS location of the firearm when the firearm isfired/unlocked or travels outside its geo fence or gets dedocked when itshould not be undocked. The track module 510 may determine the dockingtimes of the authentication device 500 on a docking station. The trackmodule 510 may track the battery status and life of the authenticationdevice 500.

The sync module 515 may compile all of the data from the use module 505and the track module 510 and transfer the data to one of a dockingstation (e.g., docking station 400) or management station (e.g.,management station 300). The data may transfer when the authenticationdevice 500 is in communication with either the docking station 400 orthe management station 300. The sync module 515 may also uploadinformation from either the docking station or the management stationwhen in communication with either. Secure communications, encryption ofdata, tunneling, and so forth can be used to secure the communicationbetween components.

FIG. 5B shows a block diagram of an authentication device 500-a for usein a firearm authentication and management system. The authenticationdevice 500-a may be an example of an authentication device 500 discussedwith reference to FIGS. 1 and/or 9 . The authentication device 500-a mayinclude a use profile 505-a, tracking module 510-a, and sync module515-a. In further embodiments, the authentication device 500-a may alsoinclude a biometric sensor 515 and an RFID sensor 520.

The authentication device 500-a may further include a processor module525, and memory 530, including software/firmware code (SW) 535. Theauthentication device 500-a may also have an input/output controller(I/O) 540 and user interface module 545. In some embodiments, theauthentication device 500-a may also have a transceiver module 550coupled to one or more antennas 555. All of the components of theauthentication device 500-a may communicate, directly or indirectly,with one another via one or more buses 560.

In some embodiments, the transceiver module 550 may communicatebi-directionally via the one or more antennas 555, wired links, and/orwireless links with one or more networks or other devices as describedabove. For example, the transceiver module 550 may communicatebi-directionally with the enrollment station 200, management station300, docking station 400, remote server 115, and/or remote storage. Thetransceiver module 550 may include a modem to modulate the packets andprovide the modulated packets to the one or more antennas 555 fortransmission, and to demodulate packets received from the one or moreantenna 555. While a single antenna 555 is shown, the authenticationdevice 500-a may have multiple antennas 555 which may enableconcurrently transmitting or receiving multiple transmissions. In someembodiments, one element of the authentication device 500-a (e.g., theone or more antennas 555, transceiver module 550, etc.) may provide adirect connection to a remote server (e.g., remote server 115) via adirect network link to the Internet via a POP (point of presence). In anembodiment, one element of the authentication device 500-a (e.g., theone or more antennas 555, the transceiver module 550, etc.) may providea connection using wireless techniques, including digital cellulartelephone connection, Cellular Digital Packet Data (CDPD) connection,digital satellite data connection, and/or another connection.

A battery 570 is shown in the authentication device 500-a. A batterystatus can be reported to the docking station 400-a or other device aspart of the processes disclosed herein. The battery 570 can be chargedby the docking station 400-a, through a battery replacement approach,through a solar panel configured on the firearm or on the dockingstation 400-a, or by other approaches.

The signals associated with authentication device 500-a may includewireless communication signals such as radio frequency,electromagnetics, local area network (LAN), wide area network (WAN),virtual private network (VPN), wireless network (using 802.11, forexample), 545 MHz, Z-WAVE®, cellular network (using 5G and/or LTE, forexample), and/or other signals. The one or more antennas 555 and/ortransceiver module 550 may include or be related to, but are not limitedto, WWAN (GSM, CDMA, and WCDMA), WLAN (including BLUETOOTH® and Wi-Fi),WMAN (WiMAX), antennas for mobile communications, antennas for WirelessPersonal Area Network (WPAN) applications (including RFID and UWB). Insome embodiments, each antenna 555 may receive signals or informationspecific and/or exclusive to itself. In other embodiments, each antenna555 may receive signals or information not specific or exclusive toitself. In other embodiments, the signals associated with theauthentication device 500-a may include various wired connections.

In some embodiments, the authentication device 500-a may include one ormore biometric sensors 515 and an RFID sensor 520. The one or morebiometric sensors 515 may collect one or more pieces of biometric dataof a firearm user. For example, the one or more biometric sensors mayinclude a fingerprint scanner, a microphone for audio input, an iris orretina scanner, a camera or other device for facial recognition, and thelike. In some embodiments, the one or more biometric sensors 515 mayread or measure light, temperature, speed, electrical capacity, andother types of energies to gather biometric data. The RFID sensor 520may gather information from an RFID tag associated with the user. Theone or more biometric sensors 515 and/or the RFID sensor 520 may connectto some element of the system (e.g., firearm authentication and trackingsystem 100) via a network using one or more wired and/or wirelessconnections 110. The biometric sensor 515 and RFID sensor 520 may workin conjunction with the user module 505-a to determine if a user hasauthorized access to the associated firearm.

In some embodiments, the authentication device 500-a may include a userinterface module 545. The user interface module 545 may enable a personto interact with the authentication device 500-a. For example, the userinterface module 545 may include a visual display such as a displayscreen, an audio device such as a speaker, LED light, and various inputdevices such as a keyboard, touch-screen, microphone, sensor, or thelike. A haptic or movement component can also provide input to the userfor some features, such as when authentication fails. In someembodiments, the user interface module 545 may communicate with a remoteor external device through the I/O controller 540.

The memory 530 may include random access memory (RAM), read only memory(ROM), flash RAM, other types of memory, or some combination thereof.The memory 530 may store computer-readable, computer-executablesoftware/firmware code 535 which may include instructions that, whenexecuted, cause the processor module 525 to perform various functionsdescribed in this disclosure (e.g., authenticating a user, gatheringbiometric data, detecting an RFID device, etc.). Alternatively, thesoftware/firmware code 535 may not be directly executable by theprocessor module 535 but may cause a computer to perform functionsdescribed herein. Alternatively, the computer-readable,computer-executable software/firmware code 535 may not be directlyexecutable by the processor module 525 but may be configured to cause acomputer (e.g., when compiled and executed) to perform functionsdescribed herein. The processor module 525 may include an intelligenthardware device, e.g., a central processing unit (CPU), amicrocontroller, an application-specific integrated circuit (ASIC), etc.

In some embodiments, the memory 530 can contain, among other things, theBasic Input-Output system (BIOS) which may control basic hardware and/orsoftware operation such as the interaction with peripheral components ordevices. For example, the use module 505-a, the tracking module 510-a,and the sync module 515-a to implement the present systems and methodsmay be stored within the system memory 530. Applications may be residentwithin the authentication device, e.g., a hard disk drive or otherstorage medium, alternatively or additionally, applications can be inthe form of electronic signals modulated in accordance with theapplication and data communication technology when accessed via anetwork interface.

In some embodiments, all of the elements shown in FIG. 5B need not bepresent to practice the present systems and methods. The devices andsubsystems can be interconnected in different ways from that shown inFIG. 5B. In some embodiments, an aspect of some operation of a system,such as that shown in FIG. 5B, may be readily known in the art and arenot discussed in detail in this application. Code to implement thepresent disclosure can be stored in a non-transitory computer-readablemedium such as one or more of system memory 530 or other memory. Theoperating system provided on input/output controller 540 may be iOS®,ANDROID®, MS-DOS®, MS-WINDOWS®, OS/2®, UNIX®, LINUX®, or another knownoperating system.

The authentication device 500 described herein may include componentsshown and described in U.S. Pat. No. 9,651,325, hereby incorporated inits entirety by reference. In that regard, the authentication device 500can include software and/or mechanical components that integrate withthe firearm and that perform the operations described herein. Forexample, a pin or other structure in the firearm can be actuated by orcaused to be actuated by the authentication device 500 to enable ordisable a trigger. FIGS. 5C-5K illustrate an embodiment in which a pinis positioned behind a trigger of a firearm and the pin is in a lockedposition which prevents the movement of the trigger and thus preventsthe firearm from firing or an unlocked position which enables thetrigger to be pulled. As another example, a cover could be actuated byor caused to be actuated by the authentication device 500 to slide overa trigger access location to disable the firearm where a user could notaccess the trigger. There are various structures which can be used toeither lock or block the movement of the trigger or to block access tothe trigger by a user. Some example structures are disclosed below.

A specific example of an authentication device 500′ is shown in FIGS.5C-5K. In the illustrated embodiments of FIGS. 5C-5G shown herein, theauthentication device 500′ includes a trigger lock assembly 502′ shownattached to a firearm FA of an “Assault Rifle” type (e.g., an “AR-15,”hereinafter “AR”); however, the embodiments described herein areintended for use with any suitable firearm to prevent accidental andunauthorized discharge.

Referring to FIGS. 5C and 5D, the trigger lock assembly 502′ generallyincludes a firearm interface portion 504′ including a slot 506′, thefirearm interface portion 504′ couplable to a lower assembly L of thefirearm FA, a grip portion 510′, a cover portion 520′, a cover portion522′, a fingerprint scanner 524′, a trigger interference member 530′ (orlocking bar) capable of blocking actuation of a trigger T containedwithin a trigger guard TG, a continuous fire button 550′, a coverportion access lock 560′, and a manual authentication component 562′.The grip portion 510′ also includes status light emitting diodes (LEDs)552′. In one aspect, a vibration sensor can be configured in the grip aswell for haptic feedback of status.

Note that the fingerprint scanner 524′ can be configured at any locationon the grip portion 510′ or elsewhere on the firearm. For example, thefingerprint scanner 524′ could be configured on the trigger T itself oron another location. When the user authenticates with the firearm, thetrigger interference member 530′ will shift back into the unlockedposition as shown in the transition from FIG. 5E to FIG. 5F. Also notethat the fingerprint scanner 524′ represents any biometric sensor suchas a sensor for facial recognition, iris detection and so forth. In oneaspect feature 552′ can slide down and allow the trigger interferencemember 530′ to be able to slide back upon firing the fire arm. Feature552′ will be mechanically retained by 532 and 534 which may or may notbe magnets. For example, it may be mechanically latched with a piece ofspring steel/plastic to catch the plunger and retain it until the gripis released.

In one aspect, the LEDs 552′ that can identify for the user the statusof the charge or the status of the trigger lock assembly in terms of itsoperation (battery power) can be configured in the grip portion 510′ orat another location of the firearm lower assembly L of the firearm FA.The configuration can include being embedded in an indentation or cavity570 (shown in FIGS. 5J and 5K) in the firearm lower assembly L that isconfigured such that the LEDs 552′ can be viewed from the rear of thefirearm but not viewable from a front portion of the firearm. In thismanner, the user of the firearm can see the status but a suspect orperson on the other side of the firearm could not see the LED status552′.

The trigger lock assembly 502′ is configured to interface the hand of auser of the firearm FA. In some embodiments, the trigger lock assembly502′ replaces the grip of the firearm FA as provided by the originalequipment manufacturer (OEM). In other embodiments, the trigger lockassembly 502′ components are integrated into the firearm FA and do notreplace the grip.

As shown in FIG. 5C, the firearm interface portion 504′ provides amounting link between the lower assembly L of the firearm FA and thegrip portion 510′. In the illustrated embodiment, the firearm interfaceportion 504′ is shown as integral to the grip portion 510′; however, inother embodiments, the firearm interface portion 504′ is a separatedcomponent from the grip portion 510′ such that a single style of gripportion 510′ may be specified in conjunction with numerous styles offirearm interface portions.

Now turning to FIGS. 5E-5G, detailed views are shown in cutaway of thetrigger lock assembly 502′ transitioning through various functionalstates (with wiring connections between the components omitted forclarity). FIG. 5E illustrates a locked state in which the triggerinterference member 530′ blocks the actuation of the trigger T.

The various components inside of the grip portion 510′ include a battery580′, a main printed circuit board (PCB) 582′ with at least one centralprocessing unit (CPU, not shown), a manual lock 564′ for manual overrideof the authentication system, a continuous fire button switch 536′, atrigger interference member block 512′, a block plunger 514′, a plungersleeve 516′, a plunger magnet 532′, a continuous fire magnet 534′, and amounting bore 540′ for coupling of the trigger lock assembly 502′ to thelower assembly L of the firearm FA. The continuous fire button switch536′ could also represent an unlocking mechanism which, when the usergrips the grip portion 510′ of the firearm, causes the authenticationsystem 500 to turn on and start the authentication and unlockingprocess.

The trigger lock assembly 502′ interfaces the trigger T through thetrigger interference member 530′ slidably positioned in the slot 506′.An authentication and unlock sequence of the trigger lock assembly 502′is shown in the transition from FIGS. 5E to 5F. A return to locked statesequence following authentication of the trigger lock assembly 502′ isshown in the transition from FIGS. 5F to 5G. For example, when a usersets down the firearm and thus no longer is putting pressure on thecontinuous fire button switch 536′, the authentication device 500 cantransition to a locked state as shown in FIG. 5E.

The process of authentication, thereby arming the firearm FA, will nowbe described in greater detail. Upon grasping the grip portion 510′ ofthe trigger lock assembly 502′, the user compresses the continuous firebutton 550′ with a palm of the user's hand, as shown in a compressedstate in FIG. 5E, with a corresponding interface and movement of thecontinuous fire button switch 536′. In some embodiments, the continuousfire button 550′ includes a self-return feature (e.g., a spring (notshown)) to ensure the continuous fire button 550′ is returned to anextended position following the removal of the hand of the user,preventing further actuation of the firing system of the firearm FAwithout authentication.

With the continuous fire button 550′ compressed, the plunger magnet 532′and the continuous fire magnet 534′ are aligned with the path of theblock plunger 514′. In these embodiments, the signal from the continuousfire button 550′ activates the fingerprint (or other biometric) scanner524′ such that it is ready to read the fingerprint (or face, iris, etc.)of a user to commence the authentication process. In other embodiments,a separate switch accessed on the exterior of the trigger lock assembly502′ is used to activate and wake the system. In further embodiments,non-mechanical methods are used to activate the system from the lowpower consumption state, such as RFID, capacitive discharge,accelerometer signals, etc.

As the user wraps fingers around the grip portion 510′, the middlefinger aligns with the fingerprint scanner 524′, which performs a scanof the user's fingerprint and sends the scan to the main PCB 582′ foranalysis. The main PCB 582′ compares the scan with a stored authorizeduser fingerprint, i.e., the authorization key. Upon validauthentication, the main PCB 582′ may send a signal through a diode toan electronic or electromagnetic actuator drivingly connected to theblock plunger 514′. The retraction of the electronic actuator moves theblock plunger 514′, and thereby the trigger interference member block512′ out of the path of the trigger interference member 530′ such thatthe trigger T can be actuated.

In another example, a facial scanner component (not shown) could beconfigured on a top portion of the firearm such that the user may justneed to look at the firearm to be authorized.

The plunger magnet 532′ and the continuous fire magnet 534′ are in closeproximity such that magnetic force holds the block plunger 514′ in anarmed position (see FIG. 5F). The block plunger 514′ includes aself-return feature, e.g., a plunger spring (not shown), that returnsthe block plunger 514′ and the trigger interference member block 512′ tothe locked position (away from the continuous fire magnet 534′, as shownin FIG. 5G). In the illustrated embodiments, as described, the firearmFA can be fired without interruption so long as the continuous firebutton 550′ is depressed, keeping the magnetic bond between the plungermagnet 532′ and the continuous fire magnet 534′.

Other approaches can be used to authenticate and unlock the system. Forexample, a blocking panel (not shown) can be used that can slide overone or both sides of the trigger T such that the user cannot access thetrigger T.

In one embodiment, as described above, authentication is performed usinga fingerprint scanner 524′ mounted in a fingerprint scanner PCB (notshown) integrated into a window of the cover portion 520′. When a usergrabs and powers up the firearm FA, it can immediately look to unlockthe weapon either by biometric, RFID, or other electronics means, andany success on any of these approaches will unlock this weapon. In otherembodiments, authentication is performed using an RFID USB board (notshown) paired with an RFID reader in the trigger lock assembly 502′. TheRFID system suitably includes a wearable component (not shown) as theauthorization key carrying device, such as a ring, bracelet, glove,necklace, etc., or a non-wearable component, such as a card, remote, keyfob, etc. The system authenticates the RFID device through the RFID USBboard to authorize the user and retracts the trigger interference memberblock 512′ using the electronic actuator. In further embodiments,authentication is performed using heartbeat signature recognition,retina scan identification, facial recognition or other suitableauthentication methods. A valid authentication requires enrollment ofthe authorization key (e.g., a fingerprint image, RFID key, heartbeatsignature, facial recognition, retina scan, etc.). The enrollmentprocess for new authorization keys, or to replace existing authorizationkeys, is described in further detail related to the enrollment station200 described herein.

In another aspect, a separate device such as a user device 107 canprovide the authentication, such as via a fingerprint or faceprint usingthe sensors built into the user device 107, and couple directly with theauthentication device 500 to provide authorization.

Once the user lets go of the firearm, the mechanisms cause the triggerinterference member 530′ to again extend into the locked position shownin FIG. 5E. When the user or another user picks up the firearm, theauthentication process begins again to determine whether the system willretract the trigger interference member 530′ and enable the firearm tobe used. In another aspect, a mechanical key could be used to gainaccess to use the weapon. The key can be inserted in a keyhole whichenables the user to access a component that enables the user to manuallyretract the trigger interference member 530′. This can be useful if thebattery on the firearm has died or cannot be charged and the firearmneeds to be used. The key in one aspect would stay in place in theweapon while it is used and then to remove the key, the user would haveto lock the weapon to be able to extract the key.

As noted above, one or more authentication devices 500 may communicatewith one or more docking stations 400 that are configured to downloadfirearm statistics from the authentication device(s) 500 and upload afirearm profile to the respective authentication device.

In the illustrated embodiment of FIGS. 5H-5K, the docking station 400-aincludes a housing 576 that encloses any mechanical and electricalcomponents of the docking station 400-a. The housing 576 is furtherconfigured to selectively receive or mate with a portion of a firearmfor charging and/or communicating with the authentication device 500′.In that regard, the housing 576 includes a firearm-receiving cavity 572that is generally shaped, sized, and configured to receive a bottom part522′ of the grip portion of the firearm FA, such as the grip portion510′ shown in FIGS. 5C-5G.

The docking station 400-a may include a locking assembly (not shown indetail) that can help urge the firearm FA into and out of mated, lockingengagement with the housing 576. For instance, one or more biasingelements, such as compression springs, may be disposed within theinterior firearm-receiving cavity 572 that urges the firearm into andout of mated, locking engagement with, for instance, magnets disposedwithin the housing 576 (that are attracted to corresponding magnets inthe firearm, which can be represented by feature 562′).

The docking station 400-a can include a printed circuit board thatperforms a number of functions. First, the docking station 400-a canmanage the charging of a lithium battery configured within the firearmor the grip portion 510′ of the firearm. The docking station 400-a caninclude a DC plug to power the firearm FA. The docking station 400-a canalso establish a secure communication between itself and the firearm FA.The printed circuit board can then use its communication capability(through a network interface such as to a CAT-5 cable or othercommunication protocol such as WiFi, 5G or other wired or wirelessprotocol) to establish a virtual private network tunnel to a remoteserver or cloud-based computing services 115. Through these operations,the firearm FA can be recharged, the docking station 400-a can receivesecure data from the firearm and the docking station can communicate thedata received from the firearm securely with a remote server. Thedocking station 400-a can be assigned to a particular client and canencrypt all the data received from the firearm FA that is transmittedfrom the docking station 400-a to the remove server 115. Note that thedocking station 400-a does not store any firearm related data.Furthermore, the firearm FA is never connected directly to the remoteserver 115 or to the Internet in one aspect, which can improve securityand prevent hacking. The firearm FA is connected to the docking station400 a which interfaces with the firearm in a secure manner to receivedata from the firearm FA. The data is then transmitted from the dockingstation 400-a to the cloud-based server 115 in a secure manner. Thedocking station 400-a basically repackages the data received from thefirearm FA and transmits it to the cloud-based server 115. The only datathat is on the docking station 400-a is data than enables the ability toestablish communication and authenticate with the remote server 115using a pre-stored key for security purposes. None of the data obtainedfrom the firearm FA is stored on the docking station 400-a.

FIG. 5H illustrates an isometric view of the example authenticationdevice 500′ in connection with the firearm FA and a docking station400-a holding the authentication device 500′. The docking station 400-acan include a side wall as part of the cover 576 that conforms or iscomplementary to a shape of the authentication device 500′ or grip ofthe firearm FA. FIG. 5H shows the authentication device 500′ in a dockedstatus such that secure communication of data can occur between theauthentication device 500′ and the docking station 400-a.

FIG. 5I illustrates an isometric view of the example authenticationdevice 500′ in connection with the firearm FA separated from the dockingstation 400-a. The cover portion 522′ of the grip is shown as well as abiometric reader 524′ which is shown on a front surface of the grip ofthe authentication device 500′. The cavity of the docking station 400-athat receives the authentication device 500′ is shown as well.

FIG. 5J illustrates an isometric view of the example authenticationdevice 500′ and the docking station 400-a holding the authenticationdevice 500′ in a docked status. The cover 576 of the docking station400-a is shown as well as the indentation 570 that can be configuredsuch that a status light or other indicator can be viewed from behindthe firearm FA but not from the front. The trigger interference member530′ is shown in this figure which feature can interact with (block orunblock) the movement of the trigger.

FIG. 5K illustrates an isometric view of the example authenticationdevice 500′ as it docks with the docking station 400-a. The interiorcavity 572 of the docking station 400-a can be complementary in shape tohold the authentication device 500′ and establish communication via acommunication component 563 with the component 562′ on the grip. ANinterior wall 574 is shown that can provide side support for theauthentication device 500′.

FIG. 6 is a swim diagram 600 outlining the various ways the firearmauthentication and tracking system can interact. The swim diagram 600includes a user device 107, an enrollment station 200-b, a managementstation 300-b, a docking station 400-b, and an authentication device500-b. Each of the devices/stations may be examples of previousstations/devices discussed herein.

At block 605, the enrollment station 200-b may generate a user profile.This may include gathering identifying data and personal informationabout the user from the user device 107 or otherwise. The managementstation 300-b may receive the profile at block 610. For example, theenrollment station 200-b may send the profile to the management station300-b or the management station 300-b may request a user profile fromthe enrollment station 200-b.

The enrollment station 200-b can include a biometric sensor(fingerprint, facial recognition, etc.) to authenticate the user whichcan also occur in connection with communication with the user device107. A proprietary printed circuit board can include or be programmedwith the functionality described herein for the enrollment station200-b. An RF antenna is included to scan biometric rings used byofficers or other RFID component. It can also have a USB-OTG (USBOn-The-Go) cable to connect to the user device 107 such as an Androidtablet, iPad, or the like with specialized software and a power adapter.Any computer system can be configured to interact with the enrollmentstation 200-b. The user device 107 can establish a secure encryptedcommunication with the enrollment station 200-b. No data is actuallystored on the enrollment station 200-b but, when prompted, it will scanfor either an RFID or biometric scan. In one example, this is the onlyway to register with the system 115. The enrollment station 200-bcommunicates securely with the user device 107. The user device 107creates the tunnel back to the cloud infrastructure or managementstation 300-b. The user device 107 is configured for each customer andcan only be used by that person. The user device 107 communicates withthe management station 300-b and stores the data about each person. Theway that data gets transmitted to the firearm authentication device500-b is through the docking station 400-b and through a securecommunication with the management station 300-b. When the firearm isdocked at the docking station 400-b, the data loaded onto theauthentication device 500-b enables an authorized user to use thefirearm.

At block 615, the management station 300-b may assign the user profileto one or more authentication devices 500-b. The management station300-b may then communicate the user profile to a docking station 400-bat block 620. When the authentication device 500-b associated with apredetermined firearm is in communication with the docking station400-b, the authentication device 500-b may update the authorized userprofiles or download firearm statistics at block 625. Logs, usage data,geographic data, data regarding who has used the firearm, and so forthcan be downloaded to the docking station 400-b when the authenticationdevice 500-b is docked at the docking station 400-b. The docking station400-b does not store any of this data but receives such data andrepackages it for transmission to the management station 300-b (or otherserver 115) in a secure manner. The docking station 400-b can query themanagement station 300-b for any profile updates. For example, new usersmight be added to the system or some users removed from the system. Thedocking station can receive such updates to the profiles 620 and theupdated data can be communicated to the authentication device 500-b.

As mentioned earlier, the authorized users may be organized into groupsor tiers. The first tier may be immediate authorized users. These areusers such as a law enforcement personnel and their partners or amilitary personnel and their squadron. The second tier may include alllaw enforcement personnel in a precinct or all authorized militarypersonnel at a base or station. The third tier may include all lawenforcement personnel in a district or perhaps a wider range of militarypersonnel with authorization to operate the predetermined firearm.

At block 630, the authentication device 500-b may track firearm data. Asmentioned previously, this may include any and all information about thefirearm. This data can include logs, health statistics, usage data,location-based tracking, and so forth. In some embodiments, thepersonnel may select which parameters the authentication device tracks.In still further embodiments, the authentication device 500-b may trackall known data and the management station 300-b may parse the data in areport for the personnel.

When the authentication device 500-b is in communication with thedocking station 400-b, the docking station 400-b may download allfirearm statistics and data. In some embodiments, the docking station400-b may poll the authentication device 500-b at predeterminedintervals to gather data. In additional or alternative embodiments, theauthentication device 400-b may only download firearm statistics and/orauthentication device data when the authentication device 500-b has beenout of communication with the docking station 400-b for a predeterminedtime period. For example, if the authentication device 500-b has beendisconnected from the docking station 400-b for more than 5 minutes, thedocking station may download the firearm statistics. This predeterminedtime period or syncing of data may be set by personnel. The timing ofsynchronization can be related to a work shift, a triggering event suchas a robbery or a holiday, a time of day, and so forth.

The docking station 400-b may transfer the firearm statistics to themanagement station 300-b. The management station 300-b may then generateeither an alert or a report. The report, as mentioned, may be specificto firearms, squads, users, or the like. The reports may be generatebased on system preferences. For example, an administrator of the systemmay set the reports and alerts they wish to receive.

In some embodiments, not shown in the system 600, the authenticationdevice 500-b may directly communicate with the management station 300-b.This may enable the management station 300-b to generate one or morealerts in real time. For example, the management station 300-b maygenerate an alert when the firearm is discharged or when an unauthorizeduser attempts to discharge or access the authentication device 500-b.The immediate alerts can be determined by one or more administrators ofthe system.

FIG. 7 illustrates an example method 700 of managing one or morefirearms having an authentication device 500. The method 700 may beimplemented on one or more devices or stations discussed herein. At step705, the method 700 may include receiving a profile of one or morefirearm users. At block 710, the method 700 may include registering theprofile of the one or more firearm users to access one or moreauthentication devices coupled to one or more firearms. At step 715, themethod 700 may include tracking a firearm user's usage of the one ormore firearms coupled to the authentication devices via the profile ofthe firearm user.

FIG. 8 illustrates an example method 800 of enrolling a user of afirearm safety system. The method 800 may be implemented on one or moredevices or stations discussed herein. At step 805, the method 800 mayinclude receiving instructions to enroll a new user of the firearmsafety system. At block 810, the method 800 may include receiving one ormore biometric data points from the new user. At block 815, the method800 may include finalizing a user profile with the one or more biometricdata points. The one or more biometric data points may enable the newuser to access at least one authentication device coupled to a firearm.

FIG. 9 illustrates an example method 900 of communicating with a firearmauthentication device in accordance with various embodiments describedherein. At block 905, the method 900 may include establishingcommunication with an authentication device coupled to a firearm. Atblock 910, the method may include downloading firearm statistics fromthe authentication device. At block 915, the method 900 may includeuploading a firearm profile to the authentication device coupled to thefirearm.

The methods described herein, and any functionality or operations thatis disclosed, can be captured or described in an embodiment in which theparticular steps are practiced by one or more of the stations or devicesdisclosed herein. For example, a method as practiced by anauthentication device 500 in terms of receiving data, transmitting data,obtaining data, and so forth, can represent an embodiment of thisdisclosure. The steps practiced by a management station 300 or anenrollment station 200, or the combination of a docket station 400 andan authentication device 500 also can be defined in terms of the stepsperformed by the one or more components. One embodiment can be to afirearm having an associated authentication device 500 as well.

It is noted that in one aspect, the steps disclosed herein can bepracticed by a “system.” The system can include the server and one ormore clients together, or might just be functionality performed by theserver. The system could also be a client or a group of clients, such asclients in a particular geographic area or clients groups in some mannerthat are performing the client-based functions disclosed herein. Claimscan be included which outline the steps that occur from the standpointof any device disclosed herein. For example, the steps of transmission,calculation, and receiving of data can be claimed from the standpoint ofa server device, a client device, or group of client devices dependingon which embodiment is being covered. All such communication from thestandpoint of an individual component or device can be included aswithin the scope of a particular embodiment focusing on that device. Inonce aspect, a system could be defined as a firearm and an associatedauthentication device 500 configured on the firearm.

Although a variety of examples and other information was used to explainaspects within the scope of the appended claims, no limitation of theclaims should be implied based on particular features or arrangements insuch examples, as one of ordinary skill would be able to use theseexamples to derive a wide variety of implementations. Further andalthough some subject matter may have been described in languagespecific to examples of structural features and/or method steps, it isto be understood that the subject matter defined in the appended claimsis not necessarily limited to these described features or acts. Forexample, such functionality can be distributed differently or performedin components other than those identified herein. Rather, the describedfeatures and steps are disclosed as examples of components of systemsand methods within the scope of the appended claims.

Any individual claim below can be dependent from any one or more of theprevious claims. Any concept disclosed herein can be used in connectionwith any other concept.

Claim language reciting “at least one of” a set indicates that onemember of the set or multiple members of the set satisfy the claim. Forexample, claim language reciting “at least one of A and B” means A, B,or A and B.

I claim:
 1. A method comprising: receiving, at a docking station, astatus of an authentication device associated with a firearm; receivinga registration, at an enrollment module, of one or more users associatedwith the firearm, wherein the enrollment module is separate from thedocking station; and managing, via a management station, access to thefirearm through the authentication device, wherein the managementstation: is configured to run a secure software application on a securedand locked down operation system to facilitate management of theauthentication device associated with the firearm; is separate from thefirearm; and in communication with at least one of the docking stationand the enrollment station.
 2. The method of claim 1, furthercomprising: globally managing a plurality of firearms in which eachrespective firearm is associated with a respective authentication deviceand wherein each respective firearm provides a status of its respectiveauthentication device to a respective docking station and wherein one ormore respective users associated with each respective firearm isregistered with the enrollment station.
 3. The method of claim 1,further comprising: charging the authentication device through thedocking station.
 4. The method of claim 1, further comprising:communicating, from the docking station, one or more of a battery statusof the authentication device, an operable status of the authenticationdevice, a docking status, or a health status of the firearm to anetwork-based server.
 5. The method of claim 1, further comprising:docking, via the docking station, a firearm grip associated with theauthentication device.
 6. The method of claim 1, wherein theauthentication device is coupled to the firearm.
 7. The method of claim1, further comprising: registering, via the management station, aprofile of a firearm user to access the authentication device whencoupled to the firearm; and tracking usage by a firearm user of thefirearm coupled to the authentication device via the profile of thefirearm user.
 8. The method of claim 7, further comprising: determining,via the management station, credentials of each profile of one or morefirearm users and allocate the credentials to predetermined firearms. 9.The method of claim 1, further comprising: grouping, via the managementstation, one or more user profiles into one or more groups.
 10. Themethod of claim 9, further comprising: assigning, via the managementstation, each of the one or more user profiles a ranking level withinthe one or more groups.
 11. The method of claim 9, further comprising:assigning, via the management station, one or more firearms to the oneor more groups.
 12. The method of claim 1, further comprising: tracking,via the management station, at least one of a location, discharge,battery, and usage statistics of the firearm.
 13. The method of claim 1,further comprising: determining, via the management station, ageographical location of the firearm.
 14. The method of claim 1, furthercomprising: defining, via the management station, a predetermined usageboundary for the firearm and disabling, automatically, the firearm whenthe firearm violates the predetermined usage boundary.
 15. The method ofclaim 14, wherein the predetermined usage boundary comprises one or moreof a geographical boundary, an unauthorized user of the firearm, apredetermined number of discharges from the firearm, and a predeterminedtype of ammunition.
 16. The method of claim 1, further comprising:receiving, via the management station, usage data about the firearm;analyzing the usage data to yield analyzed usage data; and generating areport detailing the analyzed usage data.
 17. The method of claim 1,further comprising: receiving, via the management station, a dischargenotification when the firearm discharges and to generate a dischargealert when the discharge notification is received.
 18. The method ofclaim 1, further comprising: receiving, via the management station, adocking notification when the firearm is docked and generating a dockingalert when the docking notification is received.
 19. The method of claim1, further comprising: receiving, via the management station, a firearmprofile of the firearm and to register the authentication device to thefirearm profile.
 20. The method of claim 19, wherein the firearm profileincludes at least one of a firearm serial number, a firearm type, anammunition type, and a discharge speed.
 21. The method of claim 1,further comprising: establishing, via the management station,communication with the authentication device, download firearmstatistics from the authentication device and upload a firearm profileto the authentication device coupled to the firearm.
 22. The method ofclaim 1, further comprising: receiving, via the management station,instructions to enroll a new user of a firearm safety system; andreceiving one or more biometric data points from the new user andfinalize a user profile with the one or more biometric data points toyield a finalized profile, wherein the one or more biometric data pointsenable the new user to access at least one authentication device coupledto the firearm.
 23. An authentication device coupled to a firearm, theauthentication device comprising: a trigger interference member thatcontrols an ability of a trigger on the firearm to be pulled and thusconfigured to limit operation of the firearm to one or more users of thefirearm; and a connection component that enables the authenticationdevice to connect to a docking station having a cavity configured toreceive a portion of the firearm for docking, the docking stationconfigured to receive, from the authentication device, a status of theauthentication device, wherein: the connection component is furtherconfigured to communicate with a management station; the managementstation is separate from the firearm; the management station is incommunication with the docking station; and the management station isconfigured to run a secure software application on a secured and lockeddown operation system to facilitate management of the authenticationdevice associated with the firearm.
 24. The authentication device ofclaim 23, wherein a network-based server communicates with themanagement station, an enrollment station, and the docking station toglobally manage the firearm plus a plurality of other firearms.
 25. Theauthentication device of claim 23, wherein the management stationcommunicates with an enrollment station that is separate from thefirearm and in communication with the docking station via a network andwherein the enrollment station is configured to register the one or moreusers of the firearm.